@aikdna/kdna-cli 0.26.6 → 0.26.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/package.json +1 -1
  2. package/src/cmds/demo.js +1 -2
  3. package/src/cmds/domain.js +1 -1
  4. package/src/install.js +6 -6
  5. package/src/verify.js +2 -2
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aikdna/kdna-cli",
3
- "version": "0.26.6",
3
+ "version": "0.26.8",
4
4
  "description": "KDNA CLI — runtime control plane for inspecting, validating, planning, packing, unpacking, and loading local .kdna assets.",
5
5
  "type": "commonjs",
6
6
  "bin": {
package/src/cmds/demo.js CHANGED
@@ -49,9 +49,8 @@ function cmdDemo(args) {
49
49
  for (const f of copied) process.stdout.write(` ${f}\n`);
50
50
  process.stdout.write(`\nMinimal KDNA Core v1 demo created at: ${outDir}\n\n`);
51
51
  process.stdout.write('Next:\n');
52
- process.stdout.write(` kdna inspect ${dest}\n`);
53
- process.stdout.write(` kdna validate ${dest}\n`);
54
52
  process.stdout.write(` kdna pack ${dest} ${dest}.kdna\n`);
53
+ process.stdout.write(` kdna inspect ${dest}.kdna\n`);
55
54
  process.stdout.write(` kdna validate ${dest}.kdna\n`);
56
55
  process.stdout.write(` kdna plan-load ${dest}.kdna\n`);
57
56
  process.stdout.write(` kdna load ${dest}.kdna --profile=compact --as=prompt\n`);
package/src/cmds/domain.js CHANGED
@@ -431,7 +431,7 @@ with zipfile.ZipFile(out, 'w', zipfile.ZIP_DEFLATED) as zf:
431
431
  console.log(` Domain: ${domainName} v${manifest.version}`);
432
432
  console.log(` Files: ${fileCount} KDNA JSONs`);
433
433
  console.log(` Container: ZIP (DEFLATE)`);
434
- console.log(` Trust: dev-only bundle; not registry-trusted`);
434
+ console.log(` Provenance: dev-only bundle; not release-reviewed`);
435
435
  }
436
436
 
437
437
  // #22: Node.js-native ZIP creator (zero dependencies, fallback when python3/zip unavailable)
package/src/install.js CHANGED
@@ -561,16 +561,16 @@ function installFromLocalFile(filePath, yes, jsonMode = false, trusted = false)
561
561
  }
562
562
  }
563
563
 
564
- // --trusted mode: signature must be present and verified
564
+ // Legacy --trusted mode: signature/provenance evidence must be present and verified.
565
565
  if (trusted && trustLevel.issues.length > 0) {
566
566
  const reasons = trustLevel.issues.map((i) => ` - ${i}`).join('\n');
567
567
  error(
568
- `Trust verification failed for local .kdna asset:\n${reasons}\n\n` +
568
+ `Signature/provenance verification failed for local .kdna asset:\n${reasons}\n\n` +
569
569
  `Use 'kdna install <file.kdna>' without --trusted to install anyway (unverified local asset).`,
570
570
  EXIT.TRUST_FAILED,
571
571
  );
572
572
  }
573
- // Signature is required for --trusted mode
573
+ // Signature is required for legacy --trusted mode.
574
574
  if (trusted && !manifest.signature) {
575
575
  error(
576
576
  '--trusted requires a signed .kdna asset. This asset has no signature.\n' +
@@ -578,7 +578,7 @@ function installFromLocalFile(filePath, yes, jsonMode = false, trusted = false)
578
578
  EXIT.TRUST_FAILED,
579
579
  );
580
580
  }
581
- // For tested+ quality_badge, require Studio-compatible authoring provenance
581
+ // For tested+ quality_badge, require Studio-compatible authoring provenance.
582
582
  const highTrustBadges = new Set(['tested', 'validated', 'expert_reviewed', 'production_ready']);
583
583
  if (
584
584
  trusted &&
@@ -594,9 +594,9 @@ function installFromLocalFile(filePath, yes, jsonMode = false, trusted = false)
594
594
 
595
595
  if (!jsonMode) {
596
596
  if (trustLevel.label === 'local_signature_verified') {
597
- console.log(` Trust: ${trustLevel.label}`);
597
+ console.log(` Verification: ${trustLevel.label}`);
598
598
  } else {
599
- console.warn(` Trust: ${trustLevel.label} — ${trustLevel.issues.join('; ')}`);
599
+ console.warn(` Verification: ${trustLevel.label} — ${trustLevel.issues.join('; ')}`);
600
600
  }
601
601
  }
602
602
 
package/src/verify.js CHANGED
@@ -506,7 +506,7 @@ function checkJudgment(input, options = {}) {
506
506
  issues.push({ severity: 'error', msg: 'kdna.json missing required field: judgment_version' });
507
507
  }
508
508
 
509
- // 7. Authoring provenance gate for trusted quality claims.
509
+ // 7. Authoring provenance gate for reviewed quality claims.
510
510
  const badgeRank = {
511
511
  untested: 0,
512
512
  tested: 1,
@@ -526,7 +526,7 @@ function checkJudgment(input, options = {}) {
526
526
  });
527
527
  } else {
528
528
  score.total += 1;
529
- passed.push('✓ authoring provenance satisfies trusted quality gate');
529
+ passed.push('✓ authoring provenance satisfies reviewed quality gate');
530
530
  }
531
531
  } else if (!manifest?.authoring) {
532
532
  issues.push({